decl.c (init_decl_processing): Add new class "protectionDomain" field.

gcc/java:

2001-04-25  Bryce McKinlay  <bryce@waitaki.otago.ac.nz>

	* decl.c (init_decl_processing): Add new class "protectionDomain"
	field.
	* class.c (make_class_data): Set initial value for "protectionDomain".

libjava:

2001-04-25  Bryce McKinlay  <bryce@albatross.co.nz>

	java.security merge and ClassLoader compliance fixes.

	* java/lang/Class.h (Class): Include ProtectionDomain.h.
	New protectionDomain field.
	(forName): Add initialize parameter. Fixes declaration to comply with
	JDK spec.
	* java/lang/natClass.cc (forName): Correct declaration of the three-arg
	variant. Honour	"initialize" flag.
	(getProtectionDomain0): New method.
	* java/lang/Class.java: Fix forName() declaration.
	(getPackage): New method based on Classpath implementation.
	(getProtectionDomain0): New native method decl.
	(getProtectionDomain): New method.
	* java/lang/ClassLoader.java (getParent): Now final.
	(definedPackages): New field.
	(getPackage): New.
	(defineClass): New variant with protectionDomain argument.
	(definePackage): New.
	(getPackages): New.
	(findSystemClass): Now final.
	(getSystemResourceAsStream): Remove redundant "final" modifier.
	(getSystemResource): Remove redundant "final" modifier.
	(getResources): Now final.
	(protectionDomainPermission): New static field.
	(unknownProtectionDomain): Ditto.
	(defaultProtectionDomain): Ditto.
	(getSystemClassLoader): Now non-native.
	* java/util/ResourceBundle.java (tryGetSomeBundle): Use the correct
	arguments for Class.forName().
	* java/lang/Package.java: New file.
	* gnu/gcj/runtime/VMClassLoader.java (getVMClassLoader): Removed.
	(instance): Static initialize singleton.
	(findClass): Override this, not findSystemClass.
	* java/lang/natClassLoader.cc (defineClass0): Set class's
	protectionDomain field as specified.
	(getSystemClassLoader): Removed.
	(findClass): Renamed from findSystemClass. Call the interpreter via
	URLClassLoader.findClass if loading class via dlopen fails.

	* java/security/*.java: java.security import/merge with Classpath.
	* java/security/acl/*.java: Likewise.
	* java/security/interfaces/*.java: Likewise.
	* java/security/spec/*.java: Likewise.
	* java/net/NetPermission.java: Likewise.
	* java/net/SocketPermission.java: Likewise.
	* gnu/java/security/provider/DefaultPolicy.java: Likewise.

	* Makefile.am: Add new classes.
	* Makefile.in: Rebuilt.
	* gcj/javaprims.h: CNI namespace rebuild.

From-SVN: r41543

1 files changed, 166 insertions, 0 deletions

diff --git a/libjava/java/security/SignedObject.java b/libjava/java/security/SignedObject.java
new file mode 100644
index 0000000..34f80e9
--- /dev/null
+++ b/libjava/java/security/SignedObject.java
@@ -0,0 +1,166 @@
+/* SignedObject.java --- Signed Object Class
+   Copyright (C) 1999 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+As a special exception, if you link this library with other files to
+produce an executable, this library does not by itself cause the
+resulting executable to be covered by the GNU General Public License.
+This exception does not however invalidate any other reasons why the
+executable file might be covered by the GNU General Public License. */
+
+package java.security;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.Serializable;
+
+/**
+   SignedObject is used for storing rutime objects whose integrity
+   cannot be compromised without being detected.
+
+   SignedObject contains a Serializable object which is yet to be 
+   signed and its signature.
+
+   The signed copy is a "deep copy" (in serialized form) of the 
+   original object. Any changes to the original will not affect 
+   the original.
+
+   Several things to note are that, first there is no need to 
+   initialize the signature engine as this class will handle that 
+   automatically. Second, verification will only succeed if the
+   public key corresponds to the private key used to generate 
+   the SignedObject.
+
+   For fexibility, the signature engine can be specified in the 
+   constructor or the verify method. The programmer who writes 
+   code that verifies the SignedObject has not changed should be 
+   aware of the Signature engine they use. A malicious Signature 
+   may choose to always return true on verification and 
+   bypass the secrity check.
+
+   The GNU provider provides the NIST standard DSA which uses DSA 
+   and SHA-1. It can be specified by SHA/DSA, SHA-1/DSA or its 
+   OID. If the RSA signature algorithm is provided then
+   it could be MD2/RSA. MD5/RSA, or SHA-1/RSA. The algorithm must
+   be specified because there is no default.
+
+   @author Mark Benvenuto <ivymccough@worldnet.att.net>
+
+   @since JDK 1.2
+ */
+public final class SignedObject implements Serializable
+{
+  private byte[] content;
+  private byte[] signature;
+  private String thealgorithm;
+
+  /**
+     Constructs a new SignedObject from a Serializeable object. The 
+     object is signed with private key and signature engine
+
+     @param object the object to sign
+     @param signingKey the key to sign with
+     @param signingEngine the signature engine to use
+
+     @throws IOException serialization error occured
+     @throws InvalidKeyException invalid key
+     @throws SignatureException signing error
+   */
+  public SignedObject(Serializable object, PrivateKey signingKey,
+		      Signature signingEngine) throws IOException,
+    InvalidKeyException, SignatureException
+  {
+    thealgorithm = signingEngine.getAlgorithm();
+
+    ByteArrayOutputStream ostream = new ByteArrayOutputStream();
+    ObjectOutputStream p = new ObjectOutputStream(ostream);
+    p.writeObject(object);
+    p.flush();
+
+    content = ostream.toByteArray();
+
+    signingEngine.initSign(signingKey);
+    signingEngine.update(content);
+    signature = signingEngine.sign();
+  }
+
+  /**
+     Returns the encapsulated object. The object is 
+     de-serialized before being returned.
+
+     @return the encapsulated object
+
+     @throws IOException de-serialization error occured
+     @throws ClassNotFoundException de-serialization error occured
+   */
+  public Object getObject() throws IOException, ClassNotFoundException
+  {
+    ByteArrayInputStream istream = new ByteArrayInputStream(content);
+
+    return new ObjectInputStream(istream).readObject();
+  }
+
+  /**
+     Returns the signature of the encapsulated object.
+
+     @return a byte array containing the signature
+   */
+  public byte[] getSignature()
+  {
+    return signature;
+  }
+
+  /**
+     Returns the name of the signature algorithm.
+
+     @return the name of the signature algorithm.
+   */
+  public String getAlgorithm()
+  {
+    return thealgorithm;
+  }
+
+  /**
+     Verifies the SignedObject by checking that the signature that 
+     this class contains for the encapsulated object.
+
+     @param verificationKey the public key to use
+     @param verificationEngine the signature engine to use
+
+     @return true if signature is correct, false otherwise
+
+     @throws InvalidKeyException invalid key
+     @throws SignatureException signature verification failed
+   */
+  public boolean verify(PublicKey verificationKey,
+			Signature verificationEngine) throws
+    InvalidKeyException, SignatureException
+  {
+    verificationEngine.initVerify(verificationKey);
+    verificationEngine.update(content);
+    return verificationEngine.verify(signature);
+  }
+
+  //     readObject is called to restore the state of the SignedObject from a
+  //     stream.
+  //private void readObject(ObjectInputStream s)
+  //                 throws IOException, ClassNotFoundException
+}